Imperva has announced Imperva Attack Analytics, which uses the power of artificial intelligence to automatically group, consolidate and analyze thousands of web application firewall (WAF) security alerts across different environments to identify the most critical security events. It combats security alert fatigue by producing a one-line description, or narrative, from thousands of alerts allowing security teams to easily identify the attacks that pose the highest risk.
“Attack Analytics delivers on our key strategies: to provide customers with clear and actionable insights through data and analytics, and to deliver innovative services that extend our offerings. We’ve provided an innovative solution that uses the threat intelligence data from our worldwide installed base to cut through the noise and pinpoint the threats that matter most,” said Eldad Chai, senior vice president of product management at Imperva. “Whether from an on-premises WAF, in the cloud or across hybrid environments, Attack Analytics allows customers to identify and track global, industry and per site patterns, instead of looking at individual alerts, which allows them to respond faster to emerging patterns and stay ahead of the curve.”
Attacks on enterprise networks are growing in both number and sophistication as attackers gain technical acumen, and toolkits to easily launch and maintain persistent attack campaigns are readily available. The increase in the number of alerts is overloading security analysts who are already stretched thin. In fact, 27 percent of the respondents to an Imperva survey at the 2018 RSA security conference said that they receive more than one million event alerts a day.
By leveraging machine learning algorithms, Attack Analytics automates the time-consuming process of combining, correlating and distilling application attack events and can condense days or weeks of work into minutes. Critical attacks are instantly prioritized so security teams can respond faster, significantly reducing risk and ultimately improving the company’s security posture.
Imperva Attack Analytics helps to:
- Reduce security risk – By grouping thousands of security incidents into unique prioritized narratives, Attack Analytics makes it easier for a security analyst to investigate and focus on the incidents that matter.
- Increase visibility of critical attacks – To more easily identify enterprise-wide attack campaigns, Attack Analytics collects event data from Imperva’s cloud, hybrid and on-premises WAFs to provide a unified view of security events across the enterprise all monitored from one screen.
- Leverage Imperva global insights – The solution gathers intelligence from the global Imperva knowledge base to identify attack patterns. These insights are fed into machine learning algorithms and applied to each customer’s event data to uncover emerging attack campaigns and hidden security threats.
Imperva Attack Analytics will be available in the second quarter.